Vulnerability Database
Blog
FAQ
Docs
GO-2024-2994
See a problem?
Source
https://pkg.go.dev/vuln/GO-2024-2994
Import Source
https://vuln.go.dev/ID/GO-2024-2994.json
JSON Data
https://api.osv.dev/v1/vulns/GO-2024-2994
Aliases
CVE-2024-5321
GHSA-82m2-cv7p-4m75
Published
2024-07-22T18:24:38Z
Modified
2024-07-22T18:56:41.473712Z
Summary
Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
Details
Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
References
https://github.com/advisories/GHSA-82m2-cv7p-4m75
https://nvd.nist.gov/vuln/detail/CVE-2024-5321
https://github.com/kubernetes/kubernetes/commit/23660a78ae462a6c8c75ac7ffd9af97550dda1aa
https://github.com/kubernetes/kubernetes/commit/84beb2915fa28ae477fe0676be8ba94ccd2b811a
https://github.com/kubernetes/kubernetes/commit/90589b8f63d28bcd3db89749950ebc48ed07c190
https://github.com/kubernetes/kubernetes/commit/de2033033b1d202ecaaa79d41861a075df8b49c1
https://github.com/kubernetes/kubernetes/issues/126161
https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0
Affected packages
Go
/
k8s.io/kubernetes
Package
Name
k8s.io/kubernetes
View open source insights on deps.dev
Purl
pkg:golang/k8s.io/kubernetes
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
1.27.16
Introduced
1.28.0
Fixed
1.28.12
Introduced
1.29.0
Fixed
1.29.7
Introduced
1.30.0
Fixed
1.30.3
GO-2024-2994 - OSV